<?php  
	include(ROOTPATH .'include'. DS .'protect.php');
	include(ROOTPATH .'include'. DS .'initUser.php');
	include(ROOTPATH .'class'. DS .'task.class.php');
	$media_ids		= explode('_',getQuery('id'));

	$task			= new task;
	$id 			= (int)$encrypt -> recode($media_ids[0]);
	$mediaPart		= (int)$media_ids[1];
	$page			= (int)getQuery('page');
	$passWord		= getQuery('password');
	
	if( $page != 0 )
		$mediaPart = $page ;

	$mediaType		= getQuery('mediaType');
	
	switch( $mediaType ){
		
		case 'task': $sql = 'SELECT * FROM `'.DB_PRE. $mediaType .'` WHERE `id` =  '. $id;
		break ;
		
		case 'file_thumb': $sql = 'SELECT * FROM `'.DB_PRE.'file` WHERE `id` =  '. $id;
		break ;
		
		case 'user_thumb': $sql = 'SELECT * FROM `'.DB_PRE.'user` WHERE `id` =  '. $id;
		break ;
		
		
		
		default : $sql = 'SELECT * FROM `'.DB_PRE.'file` WHERE `id` =  '. $id;
		break ;
		
		
		
		
	}
	
	
	
	
	$lists = $dbs -> select($sql );
	$list = $lists[0];
	
	$allowTaskCreator = $task -> allowTaskCreator($show['id']);
	
	if( $mediaType == '' || $mediaType =='file' ){		
		$downLoadStatus = '';
		if( $passWord != $list['passWord'] ){
			if( !($user -> id() == $list['user_id'] || $user -> powder() >= 9 || in_array($user -> id() , $allowTaskCreator) ) ){
				if( $passWord != '' )
					$downLoadStatus = lang_password_error ;
				require('attachmentPassword.php');
				exit();
			}
		}
	}
	
	
	$isExist = true ;
	if( count( $lists ) == 0 )
		$isExist = false ;
	
	switch( $mediaType ){
		
		
		case 'task': $mediaSource = $list['file'] ;
		break ;
		
		case 'file_thumb': $mediaSource = $list['thumb'] ;
		break ;
		
		case 'file': $mediaSource = $list['mediaSource'] ;
		break ;
		
		default : $mediaSource = $list['mediaSource'] ;
		
		
		
		
	} 
	$file_paths = explode('|',$mediaSource);
	
	
	if(  $mediaType == 'file_thumb')
		$mediaPart  = 1 ;
	
	$fileName = $file_paths[$mediaPart - 1] ;

//////////////////////////////////////////////////   down data


//根据文件名获取后缀

//检查盗链
$referer = parse_url($_SERVER['HTTP_REFERER']);
$whiteSites = explode('|',QUOTE_SITES) ;

if( !in_array( $referer["host"] , $whiteSites  )  ){	
	$fileName = THEME_PATH ."images/mediaThumb.jpg";
}

if( !file_exists($fileName) ){
	$fileName = THEME_PATH ."images/mediaThumb.jpg";
}
	

$url = HOSTROOT. $fileName ;

//获取文件在服务器上的绝对路径
$path = ROOTPATH .$fileName;

$extension = strtolower(trim(substr(strrchr($fileName, '.'), 1)));

	
//if( $extension == 'flv' || $extension == 'mp4'  ){
//	//if( $referer["host"] != '' )
//		echo $url ;
//	exit();
//}

// hits
if( $isExist && $mediaType == 'file'  ){
	$array = '';
	$array['downTimes'] = $list['downTimes']  + 1 ;
	$dbs -> update( DB_PRE .'file', $array , '`id` =  '. $id);
}


if( filesize($path) > 50 * 1000 * 1024 ){
	header("Location: ". $url);
	exit();
}else{
	switch ($extension){
		case "jpg":
		case "jpeg": $ctype="image/jpeg"; break;
		case "pdf": $ctype="application/pdf"; break;		
		case "gif": $ctype="image/gif"; break;	
		case "png": $ctype="image/png"; break;
		case "doc": $ctype="application/msword"; break;	
		case "zip":	$ctype="application/zip";break;	
		case "rar":	$ctype="application/rar";	break;	
		case "mp3":	$ctype="audio/mpeg3";	break;	
		case "avi":	$ctype="video/avi";	break;	
		case "doc":	$ctype="application/msword";break;	
		case "xls":	$ctype="application/vnd.ms-excel";	break;		
		case "wav":	$ctype="audio/wav";	break;	
		case "html":
		case "htm": $ctype="text/html";	break;	
		case "txt":	$ctype="text/plain";	break;
		case "flv":	$ctype="flv-application/octet-stream";	break;
		case "mp4":	$ctype="video/mp4";	break;		  
		default: $ctype="application/force-download"; //$ctype="application/octet-stream";
	}
	
	header("Pragma: public");
	header("Expires: 0");
	header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
	header("Cache-Control: private",false);
	header("Content-type: ". $ctype);
	header("Content-Transfer-Encoding: binary");
	header("Content-Length: ". filesize($path));
	if( !($extension == 'jpg' || $extension == 'jpeg' || $extension == 'gif' || $extension == 'png') ){
		header('Content-Disposition: attachment; filename="'. HOST_NAME .'_'.basename($fileName).'";');
	}
	//set_time_limit( 1 * 24 * 3600 );
	
	readfile($path);

	exit();
}
?>